Search Results

Search found 92246 results on 3690 pages for 'user authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 84/3690 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

  • nginx returning authentication in IE

    - by James MacLeod
    I am having a few issues with an nginx server. I have a site setup that keeps requesting authentication when accessed from IE but in firefox and safari the site is fine no request for authentication. Reading around the web I can see that it could be the gzip that may be causing errors, but the other sites are working without issue. Here is the config: user sysadmin sysadmin; worker_processes 8; error_log logs/error.log debug; events { worker_connections 1024; } http { passenger_root /usr/lib/ruby/gems/1.8/gems/passenger-2.2.9; passenger_ruby /usr/bin/ruby1.8; include mime.types; default_type application/octet-stream; client_header_timeout 3m; client_body_timeout 3m; client_max_body_size 5m; send_timeout 3m; client_header_buffer_size 1k; large_client_header_buffers 4 4k; gzip on; gzip_min_length 1100; gzip_buffers 4 8k; gzip_types text/plain; output_buffers 1 32k; postpone_output 1460; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 75 20; server { listen 80; server_name .reg-power.com .reg-power.co.uk .reg-power.eu .reg-power.eu.com .reg-power.net .reg-power.org .reg-power.org.uk .reg-power.uk.com .regegen.eu .regpower.co.uk .regpower.eu .regpower.eu.com .regpower.net .regpower.org .regpower.org.uk .regpower.uk.com .renegen.com .renegen.eu .renewableenergygeneration.co.uk .renewableenergygeneration.com reg.rails1.flowhost.co.uk; root /home/sysadmin/reg/current/public; passenger_enabled on; rails_env production; index index.html; } server { listen 80; server_name media.reg-power.com; root /home/sysadmin/admin/current/public; index index.html; } server { listen 80; server_name admin.reg-power.com admin.rails1.flowhost.co.uk; root /home/sysadmin/admin/current/public; passenger_enabled on; rails_env production; index index.html; } server { listen 80; server_name .livingfuels.co.uk livingfuels.rails1.flowhost.co.uk; root /home/sysadmin/livingfuels/current/public; passenger_enabled on; rails_env production; index index.html; } server { listen 80; server_name .regbiopower.com .regbiopower.co.uk regbiopower.rails1.flowhost.co.uk; root /home/sysadmin/regbiopower/current/public; passenger_enabled on; rails_env production; index index.html; } server { listen 80; server_name .clpwindprojects.co.uk clp.rails1.flowhost.co.uk; access_log /home/sysadmin/clp/logs/access.log; location / { root /home/sysadmin/clp; index index.php; if (-f $request_filename) { expires 30d; break; } if (!-e $request_filename) { rewrite ^(.+)$ /index.php?q=$1 last; } } location ~ .php$ { fastcgi_pass 127.0.0.1:49232; #this must point to the socket spawn_fcgi is running on. fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /home/sysadmin/clp$fastcgi_script_name; # same path as above fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT /home/sysadmin/clp; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; } } } As you can see there is no reference to a http authentication

    Read the article

  • methods DSA_do_verify and SHA1 (OpenSSL library for Windows)

    - by Rei
    i am working on a program to authenticate an ENC signature file by using OpenSSL for windows, and specifically methods DSA_do_verify(...) and SHA1(...) hash algorithm, but is having problems as the result from DSA_do_verify is always 0 (invalid). I am using the signature file of test set 4B from the IHO S-63 Data Protection Scheme, and also the SA public key (downloadable from IHO) for verification. Below is my program, can anyone help to see where i have gone wrong as i have tried many ways but failed to get the verification to be valid, thanks.. The signature file from test set 4B // Signature part R: 3F14 52CD AEC5 05B6 241A 02C7 614A D149 E7D6 C408. // Signature part S: 44BB A3DB 8C46 8D11 B6DB 23BE 1A79 55E6 B083 7429. // Signature part R: 93F5 EF86 1FF6 BA6F 1C2B B9BB 7F36 0C80 2F9B 2414. // Signature part S: 4877 8130 12B4 50D8 3688 B52C 7A84 8E26 D442 8B6E. // BIG p C16C BAD3 4D47 5EC5 3966 95D6 94BC 8BC4 7E59 8E23 B5A9 D7C5 CEC8 2D65 B682 7D44 E953 7848 4730 C0BF F1F4 CB56 F47C 6E51 054B E892 00F3 0D43 DC4F EF96 24D4 665B. // BIG q B7B8 10B5 8C09 34F6 4287 8F36 0B96 D7CC 26B5 3E4D. // BIG g 4C53 C726 BDBF BBA6 549D 7E73 1939 C6C9 3A86 9A27 C5DB 17BA 3CAC 589D 7B3E 003F A735 F290 CFD0 7A3E F10F 3515 5F1A 2EF7 0335 AF7B 6A52 11A1 1035 18FB A44E 9718. // BIG y 15F8 A502 11C2 34BB DF19 B3CD 25D1 4413 F03D CF38 6FFC 7357 BCEE 59E4 EBFD B641 6726 5E5F 0682 47D4 B50B 3B86 7A85 FB4D 6E01 8329 A993 C36C FD9A BFB6 ED6D 29E0. dataServer_pkeyfile.txt (extracted from above) // BIG p C16C BAD3 4D47 5EC5 3966 95D6 94BC 8BC4 7E59 8E23 B5A9 D7C5 CEC8 2D65 B682 7D44 E953 7848 4730 C0BF F1F4 CB56 F47C 6E51 054B E892 00F3 0D43 DC4F EF96 24D4 665B. // BIG q B7B8 10B5 8C09 34F6 4287 8F36 0B96 D7CC 26B5 3E4D. // BIG g 4C53 C726 BDBF BBA6 549D 7E73 1939 C6C9 3A86 9A27 C5DB 17BA 3CAC 589D 7B3E 003F A735 F290 CFD0 7A3E F10F 3515 5F1A 2EF7 0335 AF7B 6A52 11A1 1035 18FB A44E 9718. // BIG y 15F8 A502 11C2 34BB DF19 B3CD 25D1 4413 F03D CF38 6FFC 7357 BCEE 59E4 EBFD B641 6726 5E5F 0682 47D4 B50B 3B86 7A85 FB4D 6E01 8329 A993 C36C FD9A BFB6 ED6D 29E0. Program abstract: QbyteArray pk_data; QFile pk_file("./dataServer_pkeyfile.txt"); if (pk_file.open(QIODevice::Text | QIODevice::ReadOnly)) { pk_data.append(pk_file.readAll()); } pk_file.close(); unsigned char ptr_sha_hashed[20]; unsigned char *ptr_pk_data = (unsigned char *)pk_data.data(); // openssl SHA1 hashing algorithm SHA1(ptr_pk_data, pk_data.length(), ptr_sha_hashed); DSA_SIG *dsasig = DSA_SIG_new(); char ptr_r[] = "93F5EF861FF6BA6F1C2BB9BB7F360C802F9B2414"; //from tset 4B char ptr_s[] = "4877813012B450D83688B52C7A848E26D4428B6E"; //from tset 4B if (BN_hex2bn(&dsasig->r, ptr_r) == 0) return 0; if (BN_hex2bn(&dsasig->s, ptr_s) == 0) return 0; DSA *dsakeys = DSA_new(); //the following values are from the SA public key char ptr_p[] = "FCA682CE8E12CABA26EFCCF7110E526DB078B05EDECBCD1EB4A208F3AE1617AE01F35B91A47E6DF63413C5E12ED0899BCD132ACD50D99151BDC43EE737592E17"; char ptr_q[] = "962EDDCC369CBA8EBB260EE6B6A126D9346E38C5"; char ptr_g[] = "678471B27A9CF44EE91A49C5147DB1A9AAF244F05A434D6486931D2D14271B9E35030B71FD73DA179069B32E2935630E1C2062354D0DA20A6C416E50BE794CA4"; char ptr_y[] = "963F14E32BA5372928F24F15B0730C49D31B28E5C7641002564DB95995B15CF8800ED54E354867B82BB9597B158269E079F0C4F4926B17761CC89EB77C9B7EF8"; if (BN_hex2bn(&dsakeys->p, ptr_p) == 0) return 0; if (BN_hex2bn(&dsakeys->q, ptr_q) == 0) return 0; if (BN_hex2bn(&dsakeys->g, ptr_g) == 0) return 0; if (BN_hex2bn(&dsakeys->pub_key, ptr_y) == 0) return 0; int result; //valid = 1, invalid = 0, error = -1 result = DSA_do_verify(ptr_sha_hashed, 20, dsasig, dsakeys); //result is 0 (invalid)

    Read the article

  • Authenticating users for a website

    - by MCB
    I'm working on a website and I want to validate that an individual is an employee at one of a large number of companies (probably using their company's email address, which I don't know before hand). The idea being some users are the general public and others are from these companies. And I need some way to authenticate that the users claiming to be employees are being honest while still having a friendly enough UI. I did an informal survey of people I know and the domains and emails will match in a majority of cases but they might not always match exactly so you might have a company with a website foo.com and an email [email protected] (although foobar.com did redirect back to foo.com). And while I can easily check that I'm not sure what other variations might be out there (maybe fooLA.com and email [email protected], etc.)

    Read the article

  • Authentication between web server and sql server

    - by thirster42
    So, we're restructuring out development environment. We've installed SQL Server onto it's own server, and we are publishing our internal web applications onto a seperate web server. However, the problem is that for some reason the authentication of the user between the web server and sql server gets lost, resulting in the Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' error. Where do i start troubleshooting? SQL Server is set up for TCP and remote connections.

    Read the article

  • How does Lastpass recognize actual login?

    - by Pan.student
    We are currently working on simple school project using Codeigniter where we need login page. It would be very useful if Lastpass could recognise and save logins. We have several accounts with different roles and manual insert of login is pretty slow. So I was wondering what needs to be done and where in files (view, controller?) for Lastpass to work as it does on every website. For example this is our login form: <?php echo form_open('login'); ?> <input type="text" id="username" name="username"/> <input type="text" id="password" name="password"/> <input type="submit" value="Login"/> </form> Thanks for help. (could not create new tag "Lastpass" due to low reputation) [SOLVED] changed <input type="text" id="password" name="password"/> to <input type="password" id="password" name="password"/>

    Read the article

  • How to hide the admin login form?

    - by John Doe
    In my website there are no accounts except for those of moderators and administrators. That's why I don't want to show the login form to everyone but to these people. I thought of using a weird URL for the login form like www.example.com/1a79a4d60de6718e8e5b326e338ae533 that only admins and mods would know. But it's a quite impractical solution, besides if someone would want to login in another computer and forgets this URL, then is unable to. Is there any more effective way?

    Read the article

  • Help on PHP CURL script [closed]

    - by Sumeet Jain
    This script uses a cookie.txt in the same folder chmoded to 777... The problem i am facing is i hav many accounts to login... Say if i hav 5 accounts...i created cookie1.txt,cookie2.txt an so on.. then the script worked..with the post data But i want this to be always logged in and post data.. Can anyone tell me how to do this????? Code which works for login and post data is http://pastebin.com/zn3gfdF2 Code which i require should be something like this ( i tried with using the same cookie.txt but i guess it expires :( ) http://pastebin.com/45bRENLN Please help me with dealing with cookies... Or suggest how to modify the code without using cookie files...

    Read the article

  • How to work around the home directory changing to /root when using sudo?

    - by Nathanel Titane
    Hello everybody! With Natty coming out soon, I've been at work updating my deployment and self-config script to make my desktop on 11.04 run and look the way I want it to. One bummer is that dbus seems to have changed and does not permit, in the same manner Lucid and Maverick did, the authentication of the current user by terminal call using grep and cat. Ideally, to run the script, I would sudo -s and then launch it as # chmod +x install && ./install Instead of returning my user name.. it now returns root and applies changes to the root profile and aborts whenever paths do not correspond. Here is my script header: #!/bin/bash ON_USER=$(echo ~ | awk -F'/' '{ print $1 $2 $3 }' | sed 's/home//g') export $(grep -v "^#" ~/.dbus/session-bus/`cat /var/lib/dbus/machine-id`-0) if sudo -u $ON_USER test -z "$DBUS_SESSION_BUS_ADDRESS" ; then eval `sudo -u $ON_USER dbus-launch --sh-syntax --exit-with-session` fi RELEASE=$(lsb_release -cs) How could I make it return the actual user now that natty is coming? Thanks for the help

    Read the article

  • My cPanel login is being redirected. How can I resolve this?

    - by Suz
    I'm trying to get to cPanel to manage my website. When I type www.mydomain.com:2082 into the browser window, the request seems to be redirected. I made a screen-cast so I could slow down the changes in the address bar. First it seems to go to http://www.mydomain.com:2082/login then http://www.mydomain.com/cgi-sys/login.cgi At this point, a screen briefly appears which says 'Login attempt failed' and then the address is redirected to https://this22.thishost.com:2083/, which is no relation to my site at all. This looks to me like there has been an attack on the system and the login.cgi file is compromised. Any suggestions on how to analyze this further? or fix it? Of course my 'free hosting' isn't any help at all.

    Read the article

  • Drupal node access for anonymous users

    - by MrDresden
    I've never used Drupal before so this may be something that can easily be remedied, and that would be awesome. My problem is that a block, containing node information can't be viewed by anonymous users (unregisterd/not logged in), gives a "You are not authorized to access this content." message, but shows up for logged in users. The nodes that the block contains are events, so the block shows events for the next week. I've checked the users access settings but can't find anything that could possibly remedy this. I'm using drupal core 6.26, Event 6.x-2.x-dev, Event views 6.x-2.4 If anyone has any information, or solutions, I'd greatly appreciate it.

    Read the article

  • Prevent one user from disconnecting an active remote desktop session

    - by Nick R
    I've got a server where a number of users are sharing user logins for a short period of time to prevent too many people from logging in at the same time. The users are connecting over remote desktop, but the problem is that when one user is busy doing something, another user logs in as the same user and disconnects the active session. Is there any way of preventing one user from logging in and disconnecting the same username who is already connected to somewhere else?

    Read the article

  • How to run an application using sudo without a password?

    - by tutuca
    ... but still be required for applications that need admin privilegies? In order to allow the following: $ apache2ctl restart httpd not running, trying to start (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs $ sudo !! sudo apache2ctl restart #no password asked $ #works! For reference I've seen this setup on amazon's e3 instances Any idea?

    Read the article

  • Will using HTTPS hurt my site's SEO or other statistics?

    - by yannbane
    I've set up a WordPress blog. Since I have to log into it from many different locations/machines, I've also got an SSL certificate, and set up Apache to redirect HTTP to HTTPS. It all works, but I'm wondering whether that's an overkill. Since most people who go to my site don't have to log in, I'm starting to wonder whether HTTPS has some drawbacks. If so, should I look for a way to make HTTPS optional?

    Read the article

  • How to Unlock Applications folder

    - by Mark Coleman
    This question relates to Ubuntu 12.04 LTS. I wish to move a folder from the desktop into the applications folder at home/usr/share/applications. When I attempt to drag the folder from the desktop to the applications folder, I get the following message: "Error moving file: Permission denied" Permission or no permission, I want to move a folder from the desktop to the above said applications folder. How do I authenticate so I can make this move? There is no opportunity to authenticate when I get the error message, only "Skip" or "Cancel". I don't want to skip or cancel, I want to authenticate and move the folder. How do I do this? Thank you!

    Read the article

  • GWT - occasional com.google.gwt.user.client.rpc.SerializationException

    - by user214984
    Hello we are haunted by occasional occurences of exceptions such as: com.google.gwt.user.client.rpc.SerializationException: Type 'xxx' was not assignable to 'com.google.gwt.user.client.rpc.IsSerializable' and did not have a custom field serializer.For security purposes, this type will not be serialized.: instance = xxx at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serialize(ServerSerializationStreamWriter.java:610) at com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.writeObject(AbstractSerializationStreamWriter.java:129) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter$ValueWriter$8.write(ServerSerializationStreamWriter.java:152) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeValue(ServerSerializationStreamWriter.java:534) at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609) at com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java:467) at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:564) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:188) at de.softconex.travicemanager.server.TraviceManagerServiceImpl.processCall(TraviceManagerServiceImpl.java:615) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:224) at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) at org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:419) at org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:378) at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1508) at java.lang.Thread.run(Thread.java:619) The application is normally running fine. The indicated class implements Serializable (the whole object graph). So far the only patterns / observations are: we seem to have the issue only when the application is used inside an iframe the problem seems to happen when a new version of the application has been deployed running firefox in privacy mode (disabling all caches etc.) doesn't fix the problem Any ideas? Holger

    Read the article

  • The HTTP request was forbidden with client authentication scheme 'Anonymous'

    - by dudia
    I am trying to configure a WCF server\client to work with SSL I get the following exception: The HTTP request was forbidden with client authentication scheme 'Anonymous' I have a self hosted WCF server. I have run hhtpcfg both my client and server certificates are stored under Personal and Trusted People on the Local Machine Here is the server code: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; binding.Security.Mode = WebHttpSecurityMode.Transport; _host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.PeerOrChainTrust; _host.Credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck; _host.Credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine; _host.Credentials.ServiceCertificate.SetCertificate("cn=ServerSide", StoreLocation.LocalMachine, StoreName.My); Client Code: binding.Security.Mode = WebHttpSecurityMode.Transport; binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; WebChannelFactory<ITestClientForServer> cf = new WebChannelFactory<ITestClientForServer>(binding, url2Bind); cf.Credentials.ClientCertificate.SetCertificate("cn=ClientSide", StoreLocation.LocalMachine, StoreName.My); ServicePointManager.ServerCertificateValidationCallback += RemoteCertificateValidate; Looking at web_tracelog.svclog and trace.log reveals that the server cannot autheticate the client certificate My certificate are not signed by an Authorized CA but this is why I added them to the Trusted People.... What Am I missing? What am I missing?

    Read the article

  • System.Net.WebClient doesn't work with Windows Authentication

    - by Peter Hahndorf
    I am trying to use System.Net.WebClient in a WinForms application to upload a file to an IIS6 server which has Windows Authentication as it only 'Authentication' method. WebClient myWebClient = new WebClient(); myWebClient.Credentials = new System.Net.NetworkCredential(@"boxname\peter", "mypassword"); byte[] responseArray = myWebClient.UploadFile("http://localhost/upload.aspx", fileName); I get a 'The remote server returned an error: (401) Unauthorized', actually it is a 401.2 Both client and IIS are on the same Windows Server 2003 Dev machine. When I try to open the page in Firefox and enter the same correct credentials as in the code, the page comes up. However when using IE8, I get the same 401.2 error. Tried Chrome and Opera and they both work. I have 'Enable Integrated Windows Authentication' enabled in the IE Internet options. The Security Event Log has a Failure Audit: Logon Failure: Reason: An error occurred during logon User Name: peter Domain: boxname Logon Type: 3 Logon Process: ÈùÄ Authentication Package: NTLM Workstation Name: boxname Status code: 0xC000006D Substatus code: 0x0 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 127.0.0.1 Source Port: 1476 I used Process Monitor and Fiddler to investigate but to no avail. Why would this work for 3rd party browsers but not with IE or System.Net.WebClient?

    Read the article

  • Can not call web service with basic authentication using WCF

    - by RexM
    I've been given a web service written in Java that I'm not able to make any changes to. It requires the user authenticate with basic authentication to access any of the methods. The suggested way to interact with this service in .NET is by using Visual Studio 2005 with WSE 3.0 installed. This is an issue, since the project is already using Visual Studio 2008 (targeting .NET 2.0). I could do it in VS2005, however I do not want to tie the project to VS2005 or do it by creating an assembly in VS2005 and including that in the VS2008 solution (which basically ties the project to 2005 anyway for any future changes to the assembly). I think that either of these options would make things complicated for new developers by forcing them to install WSE 3.0 and keep the project from being able to use 2008 and features in .NET 3.5 in the future... ie, I truly believe using WCF is the way to go. I've been looking into using WCF for this, however I'm unsure how to get the WCF service to understand that it needs to send the authentication headers along with each request. I'm getting 401 errors when I attempt to do anything with the web service. This is what my code looks like: WebHttpBinding webBinding = new WebHttpBinding(); ChannelFactory<MyService> factory = new ChannelFactory<MyService>(webBinding, new EndpointAddress( "http://127.0.0.1:80/Service/Service/")); factory.Endpoint.Behaviors.Add(new WebHttpBehavior()); factory.Credentials.UserName.UserName = "username"; factory.Credentials.UserName.Password = "password"; MyService proxy = factory.CreateChannel(); proxy.postSubmission(_postSubmission); This will run and throw the following exception: "The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm=realm'." And this has an inner exception of: "The remote server returned an error: (401) Unauthorized." Any thoughts about what might be causing this issue would be greatly appreciated.

    Read the article

  • End-to-end kerberos delegated authentication in ASP.NET

    - by Erlend
    I'm trying to setup an internal website that will contact another backend service within the network on behalf of the user using a HttpWebRequest. I have to use Integrated Windows Authentication on the ASP.NET application as the backend system only supports this type of authentication. I'm able to setup IWA on the ASP.NET application, and it's using kerberos as I expect it to. However when the authentication is delegated to the backend system it doesn't work anymore. This is because the backend system only supports kerberos IWA, but the delegation for some reason - even though the incoming request is kerberos authenticated - converts the authentication to NTLM before forwaring to the backend system. Does anybody know what I need to do on the ASP.NET application in order to allow it to forward the identity using kerberos? I've currently tried the followin but it doesn't seem to work CredentialCache credentialCache = new CredentialCache(); credentialCache.Add(request.RequestUri, "Negotiate", CredentialCache.DefaultCredentials.GetCredential(request.RequestUri, "Kerberos")); request.Credentials = credentialCache; I've also tried to set "Kerberos" where it now says "Negotiate", but it doesn't seem to do much.

    Read the article

  • Facebook Graph API authentication in canvas app and track session

    - by cdpnet
    Short question is: how can i use graph api oauth redirects mechanism to authenticate user and save retrieved access_token and also use javascript SDK when needed (the problem is javascript SDK will have different access_token when initialized). I have initially setup my facebook iframe canvas app, with single sign on. This works well with graph api, as I am able to use access_token saved by facebook's javascript when it detects sessionchange(user logged in). But, I want to rather not do single sign-on. But, use graph api redirect and force user to send to a permissions dialog. But, if he has already given permissions, I shouldn't redirect user. How to handle this? Another question: I have done graph api redirects for authentication and have retrieved access_token also. But then, what if I want to use javascript call FB.ui to do stream.Publish? I think it will use it's own access_token which is set during FB.init and detecting session. So, I am looking for some path here. How to use graph api for authentication and also use facebook's javascript SDK when needed. P.S. I'm using ASP .NET MVC 2. I have an authentication filter developed, which needs to detect the user's authentication state and redirect.(currently it does this to graph api authorize url)

    Read the article

  • Spring Security 3.0 - Intercept-URL - All pages require authentication but one

    - by gav
    Hi All, I want any user to be able to submit their name to a volunteer form but only administrators to be able to view any other URL. Unfortunately I don't seem to be able to get this correct. My resources.xml are as follows; <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <http realm = "BumBumTrain Personnel list requires you to login" auto-config="true" use-expressions="true"> <http-basic/> <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="admin" password="admin" authorities="ROLE_ADMIN"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans> Specifically I am trying to achieve the access settings I described via; <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> Could someone please describe how to use intercept-url to achieve the outcome I've described? Thanks Gav

    Read the article

  • Sharepoint user details not visible to other users

    - by richardoz
    I am managing a SharePoint site that uses Form Based Authentication. We have several generic lists, document libraries and active task lists that users can create update and delete. Users can use the people pickers to select/search for everyone. But the users cannot see other users names, email addresses etc. in display lists or the people pickers. If I log in as the site collection administrator, I can see everyones details. So I know the data is available. Updated details on this problem (non-administrators) SharePoint users cannot see other users information. Example: User A assigns a task to user B. User A creates a new task and uses the people picker to find user B. User B is only visible by the login name “bname” and any information about user B is not visible or searchable within the people picker. Once user B is assigned the task, user A no longer sees the name in the task list – even though user A created it. No modified by, created by, assigned to or owner field data is visible to non-administrator users. Facts: Extranet site is configured to use Forms Based Authentication. Intranet uses windows based authentication Users of both the intranet and extranet have the same problem All databases are local The site uses SSRS integration SharePoint WSS on Windows 2003 Std -- After activating the verbose logging it looks like SharePoint is definately asking SQL server for only the user info for the currently logged in user: SELECT TOP 6 /lots-of-columns/ FROM UserData INNER MERGE JOIN Docs AS t1 ON ( 1 = 1 AND UserData.[tp_RowOrdinal] = 0 AND t1.SiteId = UserData.tp_SiteId AND t1.SiteId = @L2 AND t1.DirName = UserData.tp_DirName AND t1.LeafName = UserData.tp_LeafName AND t1.Level = UserData.tp_Level AND t1.IsCurrentVersion = 1 AND (1 = 1) ) LEFT OUTER JOIN AllUserData AS t2 ON ( UserData.[tp_Author]=t2.[tp_ID] AND UserData.[tp_RowOrdinal] = 0 AND t2.[tp_RowOrdinal] = 0 AND ( (t2.tp_IsCurrent = 1) ) AND t2.[tp_CalculatedVersion] = 0 AND t2.[tp_DeleteTransactionId] = 0x AND t2.tp_ListId = @L3 AND UserData.tp_ListId = @L4 AND t2.[tp_Author]=162 /* this is the currently logged in user */ ) WHERE (UserData.tp_IsCurrent = 1) AND UserData.tp_SiteId=@L2 AND (UserData.tp_DirName=@DN) AND UserData.tp_RowOrdinal=0 AND ( ( (UserData.[datetime1] IS NULL ) OR (UserData.[datetime1] = @L5DTP) ) AND t1.SiteId=@L2 AND (t1.DirName=@DN) ) ORDER BY UserData.[tp_Modified] Desc, UserData.[tp_ID] Asc Again, any ideas would be appreciated.

    Read the article

  • Spring Security 3.0- Customise basic http Authentication Dialog

    - by gav
    Rather than reading; A user name and password are being requested by http://localhost:8080. The site says: "Spring Security Application" I want to change the prompt, or at least change what the "site says". Does anyone know how to do this via resources.xml? In my Grails App Spring configuration, my current version is as follows; <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <http auto-config="true" use-expressions="true"> <http-basic/> <intercept-url pattern="/**" access="isAuthenticated()" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="admin" password="admin" authorities="ROLE_ADMIN"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans>

    Read the article

  • SQL problem - select accross multiple tables (user groups)

    - by morpheous
    I have a db schema which looks something like this: create table user (id int, name varchar(32)); create table group (id int, name varchar(32)); create table group_member (foobar_id int, user_id int, flag int); I want to write a query that allows me to so the following: Given a valid user id (UID), fetch the ids of all users that are in the same group as the specified user id (UID) AND have group_member.flag=3. Rather than just have the SQL. I want to learn how to think like a Db programmer. As a coder, SQL is my weakest link (since I am far more comfortable with imperative languages than declarative ones) - but I want to change that. Anyway here are the steps I have identified as necessary to break down the task. I would be grateful if some SQL guru can demonstrate the simple SQL statements - i.e. atomic SQL statements, one for each of the identified subtasks below, and then finally, how I can combine those statements to make the ONE statement that implements the required functionality. Here goes (assume specified user_id [UID] = 1): //Subtask #1. Fetch list of all groups of which I am a member Select group.id from user inner join group_member where user.id=group_member.user_id and user.id=1 //Subtask #2 Fetch a list of all members who are members of the groups I am a member of (i.e. groups in subtask #1) Not sure about this ... select user.id from user, group_member gm1, group_member gm2, ... [Stuck] //Subtask #3 Get list of users that satisfy criteria group_member.flag=3 Select user.id from user inner join group_member where user.id=group_member.user_id and user.id=1 and group_member.flag=3 Once I have the SQL for subtask2, I'd then like to see how the complete SQL statement is built from these subtasks (you dont have to use the SQL in the subtask, it just a way of explaining the steps involved - also, my SQL may be incorrect/inefficient, if so, please feel free to correct it, and point out what was wrong with it). Thanks

    Read the article

  • Custom authentication module inheriting IHttpModule issue.

    - by Chandan Khatwani
    LoginPage.aspx:- protected void Button1_Click(object sender, EventArgs e) { Context.Items["Username"] = txtUserId.Text; Context.Items["Password"] = txtPassword.Text; // FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath); // Encrypt the cookie using the machine key for secure transport string hash = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie( FormsAuthentication.FormsCookieName, // Name of auth cookie hash); // Hashed ticket // Set the cookie's expiration time to the tickets expiration time if (ticket.IsPersistent) cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); Response.Redirect("Default.aspx"); } Global.asax file:- void Application_AuthenticateRequest(object sender, EventArgs e) { if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is FormsIdentity) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; // Get the stored user-data, in this case, our roles string userData = ticket.UserData; string[] roles = userData.Split(','); HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles); Response.Write(HttpContext.Current.User.Identity.Name); Response.Redirect("Default.aspx"); } } } } I get the following error after signing in This webpage has a redirect loop. The webpage at http://localhost:1067/Default.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >